New submission from Bernhard Herzog <bh@intevation.de>:
I have a mail signed by a certificate whose root CA is not marked as trusted.
KMail shows that signature as green. I am not asked whether I do trust that
root CA and it is not listed in ~/.gnupg/trustlist.txt.
If I enable the "allow clients to mark keys as trusted" option in the gpgme
backend configuration dialog in kleopatra, I am asked whether the certificate
can be trusted.
Now, it's probably intended that I am not asked about the trust if that option
is not enabled, but I doubt it's intended that signatures from untrusted CAs are
green.
----------
assignedto: werner
messages: 1154
nosy: bh, werner
priority: urgent
status: unread
title: kmail shows signature as green even though root ca not trusted
topic: gpg-agent
______________________________________________________
Aegypten issue tracker <aegypten-issues@intevation.de>
<https://intevation.de/roundup/aegypten/issue230>
______________________________________________________
I have a mail signed by a certificate whose root CA is not marked as trusted.
KMail shows that signature as green. I am not asked whether I do trust that
root CA and it is not listed in ~/.gnupg/trustlist.txt.
If I enable the "allow clients to mark keys as trusted" option in the gpgme
backend configuration dialog in kleopatra, I am asked whether the certificate
can be trusted.
Now, it's probably intended that I am not asked about the trust if that option
is not enabled, but I doubt it's intended that signatures from untrusted CAs are
green.
----------
assignedto: werner
messages: 1154
nosy: bh, werner
priority: urgent
status: unread
title: kmail shows signature as green even though root ca not trusted
topic: gpg-agent
______________________________________________________
Aegypten issue tracker <aegypten-issues@intevation.de>
<https://intevation.de/roundup/aegypten/issue230>
______________________________________________________